Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
134511	8.1	重要 Network	デル	Dell EMC Avamar Server Dell EMC Integrated Data Protection Appliance	Dell EMC Avamar Server における不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2021-21511	2021-11-5 18:08	2021-02-4	Show	GitHub Exploit DB Packet Storm

134512	9.8	緊急 Network	Dokeos	E-Learning System	E-Learning System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2021-3239	2021-11-5 18:08	2021-01-15	Show	GitHub Exploit DB Packet Storm

134513	9.8	緊急 Network	Teachers Record Management System project	Teachers Record Management System	Teachers Record Management System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2021-26822	2021-11-5 18:07	2021-02-13	Show	GitHub Exploit DB Packet Storm

134514	9.8	緊急 Network	CASAP Automated Enrollment System project	CASAP Automated Enrollment System	CASAP Automated Enrollment System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2021-26201	2021-11-5 18:07	2021-01-21	Show	GitHub Exploit DB Packet Storm

134515	9.8	緊急 Network	Library System project	Library System	Library System における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2021-26200	2021-11-5 18:07	2021-01-21	Show	GitHub Exploit DB Packet Storm

134516	5.5	警告 Local	Dekart	Private Disk	Dekart Private Disk における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2021-27203	2021-11-5 18:02	2021-02-16	Show	GitHub Exploit DB Packet Storm

134517	8.8	重要 Network	Racom	MIDGE ファームウェア	Racom MIDGE ファームウェアにおける OS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2021-20074	2021-11-5 18:02	2021-02-16	Show	GitHub Exploit DB Packet Storm

134518	8.8	重要 Network	Racom	MIDGE ファームウェア	Racom MIDGE ファームウェアにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2021-20073	2021-11-5 18:02	2021-02-16	Show	GitHub Exploit DB Packet Storm

134519	7.2	重要 Network	Racom	MIDGE ファームウェア	Racom MIDGE ファームウェアにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2021-20072	2021-11-5 18:02	2021-02-16	Show	GitHub Exploit DB Packet Storm

134520	5.3	警告 Network	Racom	MIDGE ファームウェア	Racom MIDGE ファームウェアにおける情報漏えいに関する脆弱性	CWE-200 情報漏えい	CVE-2021-20067	2021-11-5 18:02	2021-02-16	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
511	6.1	MEDIUM Network	angularjs	angularjs	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, Angular's HttpTransferCache … New	CWE-328 CWE-345 Use of Weak Hash Insufficient Verification of Data Authenticity	CVE-2026-54266	2026-06-27 04:37	2026-06-23	Show	GitHub Exploit DB Packet Storm

512	7.5	HIGH Network	aiohttp	aiohttp	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, if an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-54274	2026-06-27 04:37	2026-06-23	Show	GitHub Exploit DB Packet Storm

513	7.5	HIGH Network	aiohttp	aiohttp	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the server_hostname TLS SNI check can be bypassed when an existing connection is reused. If an applica… New	CWE-297 Improper Validation of Certificate with Host Mismatch	CVE-2026-54275	2026-06-27 04:36	2026-06-23	Show	GitHub Exploit DB Packet Storm

514	7.5	HIGH Network	aiohttp	aiohttp	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save() and then restored later with CookieJar.load() l… New	CWE-665 Improper Initialization	CVE-2026-54279	2026-06-27 04:36	2026-06-23	Show	GitHub Exploit DB Packet Storm

515	7.5	HIGH Network	aiohttp	aiohttp	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a pa… New	CWE-404 Improper Resource Shutdown or Release	CVE-2026-54280	2026-06-27 04:35	2026-06-23	Show	GitHub Exploit DB Packet Storm

516	6.1	MEDIUM Network	angularjs	angularjs	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side boot… New	CWE-79 CWE-471 Cross-site Scripting Modification of Assumed-Immutable Data (MAID)	CVE-2026-54267	2026-06-27 04:35	2026-06-23	Show	GitHub Exploit DB Packet Storm

517	6.1	MEDIUM Network	angularjs	angularjs	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an issue in the @angular/com… New	CWE-79 Cross-site Scripting	CVE-2026-54265	2026-06-27 04:35	2026-06-23	Show	GitHub Exploit DB Packet Storm

518	6.1	MEDIUM Network	angularjs	angularjs	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in th… New	CWE-79 Cross-site Scripting	CVE-2026-52725	2026-06-27 04:34	2026-06-23	Show	GitHub Exploit DB Packet Storm

519	5.8	MEDIUM Network	guzzlephp	guzzle	Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain() removes lea… New	CWE-346 CWE-1286 Origin Validation Error Improper Validation of Syntactic Correctness of Input	CVE-2026-55767	2026-06-27 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

520	5.9	MEDIUM Network	guzzlephp	guzzle	Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, in certain configurations, traffic expected to be protected by TLS on the hop to the proxy is transmitted in cleartext. Proxy authentication … New	CWE-311 CWE-319 CWE-636 Missing Encryption of Sensitive Data Cleartext Transmission of Sensitive Information Not Failing Securely ('Failing Open')	CVE-2026-55568	2026-06-27 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm